Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Department of Defense
Air Force
Award Year:
Phase I
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
AF 09TT09
Solicitation Number:
Small Business Information
Numerica Corporation
4850 Hahns Peak Drive, Suite 200, Loveland, CO, 80538
Hubzone Owned:
Socially and Economically Disadvantaged:
Woman Owned:
Principal Investigator:
Randy Paffenroth
Program Director
(970) 461-2000
Business Contact:
Jeff Poore
(970) 461-2000
Research Institution:
Colorado State University
Cathy Smith
B204A Engineering
Ft. Collins, CO, 80521
(970) 491-5914
Nonprofit college or university
A mathematical framework for detection and classification of weak, distributed patterns on computer networks is proposed. The framework will provide rigorous methods for understanding performance bounds and optimality of intrusion detection methods, while also providing concrete and implementable algorithms. The algorithms will find immediate application in cyber-security efforts, as well as more general sensor networks. The mathematical techniques we propose to use include processing of raw data measurements at the nodes into higher-order process states using Numerica's expertise in advanced multiple hypothesis testing , extensions of recently developed compressed sensing methods for compression of second order statistics, and pattern detection using dependencies in second order data - coherence estimates, for example, provide a low-dimensional statistic for the identification of pattern classes. The research will be conducted in tandem with simulations on synthetic data, and actual Internet traffic in real-time using the PlanetLab emulation test-bed. Experimental simulations will not only be used to test algorithms and validate performance bounds, but also to inform and enhance measurement plans and hypotheses. BENEFIT: The proposed research will provide a rigorous mathematical framework for understanding intrusion detection algorithms on computer networks. These algorithms will provide immediate enhancements to current cyber-security efforts, and consequently will benefit computer network security in the corporate sector, all federal agencies, and national infrastructures where breaches of cyber-security are becoming more prevalent and have potentially catastrophic consequences. Thus, the algorithms will help to ensure the integrity of our nation's sensitive computer networks. Commercially, the development of cybersecurity algorithms and software is a multi-billion dollar industry annually and expected to grow robustly as our nation's exposure to cyber threats increases.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government